ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Di Li <lovelyco...@yahoo.com.INVALID>
Subject No agent heart beats after adding TLSv1 and TLSv1.1 to security.server.disabled.protocols
Date Thu, 30 Jun 2016 12:23:39 GMT
Hello folks,

I installed Ambari 2.2.0 on a single node cluster. I added TLSv1 and TLSv1.1 to the security.server.disabled.protocols
list in ambari.properties. Once I have done that I found agents couldn't connect to the ambari
server anymore, with the following error in ambari server log.

Does anyone know what I need to do to only allow TLSv1.2 ?

DEBUG [qtp-ambari-agent-54] nio:714 - EOF
org.eclipse.jetty.io.EofException
        at org.eclipse.jetty.http.HttpParser.fill(HttpParser.java:1050)
        at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:280)
        at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
        at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
        at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)
        at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
        at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
        at java.lang.Thread.run(Thread.java:745)
javax.net.ssl.SSLHandshakeException: Client requested protocol TLSv1 not enabled or not supported
        at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1431)
        at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:535)
        at sun.security.ssl.SSLEngineImpl.writeAppRecord(SSLEngineImpl.java:1214)
        at sun.security.ssl.SSLEngineImpl.wrap(SSLEngineImpl.java:1186)
        at javax.net.ssl.SSLEngine.wrap(SSLEngine.java:469)
        at org.eclipse.jetty.io.nio.SslConnection.wrap(SslConnection.java:465)
        at org.eclipse.jetty.io.nio.SslConnection.process(SslConnection.java:386)
        at org.eclipse.jetty.io.nio.SslConnection.access$900(SslConnection.java:48)
        at org.eclipse.jetty.io.nio.SslConnection$SslEndPoint.fill(SslConnection.java:715)
        at org.eclipse.jetty.http.HttpParser.fill(HttpParser.java:1044)
        at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:280)
        at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
        at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
        at org.eclipse.jetty.io.nio.SslConnection.handle(SslConnection.java:196)
        at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:696)
        at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:53)
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:608)
        at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:543)
        at java.lang.Thread.run(Thread.java:745)


Thanks.

Di

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message